SteadyState and BigFix

system · July 30, 2009, 4:10am

(imported topic written by SystemAdmin)

Hello,

I dont know if this topic falls under “BES Deployment”, so let me ask my question:

Has anyone used both software’s in their environment?

I have tryed to make changes using SteadyState under the restricted account. Currently if the BigFix client makes changes when it reboots, all changes are disregarded.

Can the BF client run as another account (not system)?, and the follow up question Can an example be provided for the following action?

run as another account and stop steadystate
reboot
install software

thanks for the help

system · August 9, 2009, 7:21am

(imported comment written by SystemAdmin)

follow up:

if logged in with the restricted account, steadystate will not execute any changes to the system.

My question is, can I do a runas and execute the steadystate under that account?

I know the BES client runs as system, but when deploying software under the restricted account, the changes will not stay.

Any ideas?

system · August 17, 2009, 6:49pm

(imported comment written by SystemAdmin)

anyone?

BenKus · August 18, 2009, 6:18am

(imported comment written by BenKus)

Hi caifan,

We don’t expect that the BigFix Agent can run as a non-SYSTEM account and still work properly…

You

can

use a “runas” command in your actionscript, but then you would need to add a username/password and that information would not be secure because other agents would see it…

Ben

system · August 18, 2009, 8:37am

(imported comment written by SystemAdmin)

Hi Ben,

That is fine. Can you provide an example of how to use the “runas” command in the action script?

If its the runas is the windows runas command then this would be a sample of the actionscript:

“runas /profile /user:mymachine\administrator cmd”,

or is it the bigfix runas example:

"waithidden RunAsCurrentUser.exe cmd.exe /C “C:\Program Files\Windows SteadyState\SCTUI.exe /DisableWDPAndReboot”

thanks Ben,

BenKus · August 18, 2009, 10:11am

(imported comment written by BenKus)

Hey caifan,

You can use the same command in BigFix:

run cmd.exe /C runas /profile /user:mymachine\administrator cmd.exe

The runascurrentuser is designed to run as the user currently logged in the computer (no pw required).

And remember that we strongly recommend that you do NOT embed passwords in actions…

Ben

system · August 18, 2009, 7:01pm

(imported comment written by SystemAdmin)

Thanks Ben !